My Sygate firewall says I'm keep getting UDP port scans from the same IP, I traced the IP to Chinese ISP added a advanced rule to block their IP but I'm still getting port scans from them , the same with other IPs I get port scans & set a advanced rule to block them but I still get port scans from the same IP.
Why is it happening even If I set up a advanced rule to block them it still says their port scanning me?My firewall says it's blocking them . Should I report them to their ISP & what exactly is port scanning?I'm guessing their scanning to see if I have any open ports for them to connect to me to do who knows what.
port scans
Moderator: CricketMX Forum Moderators
When it comes to firewalls, I'm out of my comfort zone, however, have you tried blocking an entire IP range?
You should be able to set wildcards somewhere such as xxx.xxx.xxx.* with the asterix as the wildcard.
You should be able to set wildcards somewhere such as xxx.xxx.xxx.* with the asterix as the wildcard.
CricketMX.com in 2022: Still the home of bat's, rat's and other farmyard animals!
"OK, life [as you chose to define it] repeats until there are no more lessons to be learned." - nrnoble (June 12, 2005)
"the new forum looks awesome, it's getting bigger & better" - p2p-sharing-rules (11 Jan, 2008)
"Looks like CMX is not only getting bigger...but, also getting better!!" - moongirl (14 Dec, 2007)
"OK, life [as you chose to define it] repeats until there are no more lessons to be learned." - nrnoble (June 12, 2005)
"the new forum looks awesome, it's getting bigger & better" - p2p-sharing-rules (11 Jan, 2008)
"Looks like CMX is not only getting bigger...but, also getting better!!" - moongirl (14 Dec, 2007)
-
p2p-sharing-rules
- Moderator
- Posts: 8462
- Joined: Mon Mar 29, 2004 6:55 pm
- Location: Canada
Thanks Battye I haven't put a IP address range just the IP they were using when they UDP port scanned me.
Sounds like a bug to me. The reason reports keeps coming back to you is the fact your PC is is the culprit sending the info. to the intruder.
Start doing some virus scans I bet you will find it hidden inside.
Start doing some virus scans I bet you will find it hidden inside.
It seems that China has a lot of machines involved in this kind of activity. I get a lot of phishing reports at work, and many of the originating ip addresses are in China.
-
Layzie Bone
- Mr. Computergeek Salad Guy
- Posts: 2465
- Joined: Mon May 24, 2004 11:59 pm
- Location: North Carolina
- Contact:
interesting. When i was at college the University would do port scans, I think by the time the semester was over I had about 80 computers blocked. I couldn't do a IP range because i would make it to where I couldn't get on the university's website and the internet in general. I had about %1 of the network blocked, out of 65,535 computers....
I would run some adware/spyware scanner because along with phishing, keloggers are a possibility. Keloggers are used to watch your every move, every key you press and every click of the mouse is logged, therefore they can get your credit card info.
Port scans are used to find out which ports are open to communication. However, with a software firewall all ports, except ones in use, are stealthed. That means, the person scanning your ports can't find out whether they're open or closed, as if your computer is invisible.
I would run some adware/spyware scanner because along with phishing, keloggers are a possibility. Keloggers are used to watch your every move, every key you press and every click of the mouse is logged, therefore they can get your credit card info.
Port scans are used to find out which ports are open to communication. However, with a software firewall all ports, except ones in use, are stealthed. That means, the person scanning your ports can't find out whether they're open or closed, as if your computer is invisible.